A server-side request forgery vulnerability exists in Jenkins Confluence Publisher Plugin 2.0.1 and earlier in ConfluenceSite.java that allows attackers to have Jenkins submit login requests to an attacker-specified Confluence server URL with attacker specified credentials.
CPE | Name | Operator | Version |
---|---|---|---|
confluence_publisher | le | 2.0.1 |